Method and System for Subscriber to Log in Internet Content Provider (ICP) Website in Identity/Location Separation Network and Login Device Thereof

ABSTRACT

The present invention provides a method and system for a user to log in an Internet Content Provider (ICP) website in an identification location separation network and a login device thereof. The method includes: after receiving an access data packet of a user, the ICP website obtaining an identification code of the user therein, and transmitting the identification code of the user to an Internet Service Provider (ISP) authentication center; the ISP authentication center authenticating the user based on the identification code of the user, and if the authentication is passed, the ISP authentication center returning an authentication passed message, which contains the identification code of the user, to the ICP website; after receiving the authentication passed message, the ICP website obtaining personal information of the user according to the identification code of the user, and then the user logging in the ICP website.

TECHNICAL FIELD

The present invention relates to the field of mobile communication andthe filed of Internet, and in particular, to a method and a system for auser to log in an Internet Content Provider (ICP) website in anidentification location separation network and a login device thereof.

BACKGROUND ART

With the development of information technology, information network,with the Internet being the representative, has played more and moreimportant function in the economic and social development. The status ofInternet in the people's life also becomes more and more important.

There are two kinds of enterprises providing Internet services forpeople: one is called as Internet Service Provider (ISP), which ownsnetwork resources, and provides Internet access service for the users byvarious accessing ways, such as Asymmetric Digital User Line (ADSL),3rd-Generation (3G), Ethernet and Wireless Local Area Network (WLAN),and so on, for example, all basic telecommunication operators, such asChina Telecom and China Mobile, belong to this kind of Internet serviceprovider; another kind is called as Internet Content Provider (ICP),which opens various kinds of websites on the Internet, and providesvarious Internet services, such as news, Email, game, search, chat andso on, for people, and enterprises, such as Sina, Tencent, Baidu and soon, all belong to this kind of Internet service provider.

In the related art, Transmission Control Protocol/Internet Protocol(TCP/IP) is the basic protocol of the Internet, which is divided intofive layers and whose protocol stack is as shown in Table 1. Wherein,them most crucial is the IP protocol for the network layer, and accessbetween users is achieved through the IP address; TCP and UDPrespectively provide two communication modes, namely,connection-oriented and non-connection-oriented; the protocol in theapplication layer provides users with various specific services, such asWEB access (HTTP), EMAIL service, Voice over IP (VoIP) service (based onSIP), and so on.

TABLE 1 Application layer HTTP (HyperText Transfer Protocol), EMAIL, SIP (Session Initiation Protocol), etc. Transmission layer TCP, UDP (UserDatagram Protocol ) Network layer IP Link layer Ethernet, ATM(Asynchronous Transfer Mode), 3G link, etc. Physical layer Fiber, cable,radio wave, etc.

Based on the above network structure, the ISP authentication centerneeds to authenticate the user when the user accesses the internet. Forexample, in the ADSL accessing mode, the ISP authentication centerprovides a user name and a password for the user in advance, and afterthe user enters the user name and the password on the terminal, the ISPauthentication center authenticates the user and then distributes to theuser an IP address. The user accesses various services in the Internetafterwards through this IP address, and this IP address is analogous toa temporary identification of the user. Similarly, in a mobile network,an ISP authentication center (e.g. China Mobile) will distribute to eachuser a User Identification Module (SIM) card, which is to be insertedinto the mobile phone, and when the user accesses the internet, the ISPauthentication center authenticates the user according to theInternational Mobile User Identification (IMSI) information on the SIMcard. After authentication is passed, an IP address is also distributedto the user.

Since an IP address has dual attributes, namely, identificationattribute and location attribute, the IP address cannot be used as along-term identification identifier of the user. The reasons are: on onehand, the IP address is the identification attribute of the user, and onthe other hand, the IP address is the location attribute of the user,wherein, the IP address prefix of the user indicates the sub-networkwhere the user is currently in, so after the location of the userchanges, a different address must be distributed, otherwise, the routercannot forward data packets correctly to the user. Therefore, in thecurrent Internet, the IP address distributed to the user by the ISPauthentication center is not fixed every time the user accesses theInternet.

Just because the IP address distributed to the user by the ISP is notnecessarily the same, the ICP must establish a set of useridentification identifying system by itself in order to identify theidentification of the user. The ICP website identifies the user in twosteps, the first being registration, and the second being login. A usersets by himself a user name (must not overlap with existing user names)and a password during registration, and enters other personalinformation, such as date of birth, gender, telephone number, E mailaddress, occupation, hobby, etc. The ICP website stores this informationin its own database, and registration of the user is completed. When theusers logs in, the ICP website will require the user to enter a username and a password, and the user may access various services of the ICPwebsite after authentication is passed.

As can be seen, in the existing Internet, there are two authenticationsfor a user to access an ICP website: the ISP authentication centerimplements an authentication for the user to access the Internet, andthe ICP website implements another authentication for the user to visitits website. Since the user usually needs to visit a plurality ofwebsites and an authentication is needed every time the user visits anICP website, there are actually a plurality of authentications. Pluralauthentications cause big inconvenience to the user to access theInternet, for example: the user name and password can be easilyforgotten; if the user visits the website for the first time, the userneeds to register before visiting, even if the user visits this websitefor only one time. Moreover, for the ICP website, it is very costly toestablish a user identifying system by itself.

Currently, the mobility and security problem caused by the defect ofdual attributes of the IP address has become a bottleneck for furtherdevelopment of the Internet. In order to solve this problem, study isbeing made in the industry on a plurality of next-generation networktechnologies based on an identification location separation network,such as Locator/Identifier Separation Protocol (LISP), Host IdentityProtocol (HIP), Six/one, integrated network and so on. The commonfeature of these technologies is that two coding spaces areincorporated: an identification code indicating the identification ofthe user, and a location code indicating the location of the user.Therefore, each user has both an identification code and a locationcode. The upper-layer service connection such as TCP and UDP establishesa communication connection with the opposite end based on theidentification code of the user. When the user moves, the location codeof the user also changes, but the identification code of the user keepsunchanged. Therefore, movement of the user will not cause interruptionof the upper-layer service.

The protocol stack based on an identification location separationnetwork is as shown in Table 2.

TABLE 2 Application layer HTTP, EMAIL, S IP, e tc. Transmission layerTCP, UDP Network layer Identification code or IP Link layer Ethernet, ATM, 3G link, etc. Physical layer Fiber, c able, radio wave, etc.

After the identification code and the location code of the user areseparated, a fixed identification code can be distributed to each user.When the user accesses the Internet, the ISP authentication centerauthenticates the user, and after authentication is passed, the ISPauthentication center finds out in the data base the identification codedistributed to the user in advance and issues it to the user to use, andthis identification code is the identification identifier of the userwhen accessing the Internet. In this scheme, the distributedidentification code every time the user accesses the Internet is thesame.

However, in the current technology of identification location separationnetwork, the identification code of the user is only used foridentification of the user in the network layer, i.e., the ISPauthentication center uses this identification code for identificationof the user accessing the Internet. While the ICP website stillestablishes by itself a set of identification identifying system. Theuser still needs to firstly register before login when visiting an ICPwebsite. The problem of plural authentications when the user accessesInternet is still not solved, which limits the launch of new services.

SUMMARY OF THE INVENTION

The technical problem to be solved in the present invention is toprovide a method and a system for a user to log in an Internet ContentProvider (ICP) website in an identification location separation networkand a login device to avoid the trouble of plural registrations andauthentications when the user visits an ICP website.

In an identification location separation network, the user has anidentification code indicating his identification, and theidentification code of user is distributed by the ISP authenticationcenter, but the identification code of the user is not used for theauthentication of the user by the ICP website in the existingidentification location separation network, and the user still needs toregister and log in when visiting an ICP website. The present inventionprovides a method of a user logging in an ICP website using hisidentification code in an identification location separation network.

In order to solve the problem, the present invention provides a methodfor a user to log in an Internet Content Provider (ICP) website in anidentification location separation network, comprising the followingsteps of:

after receiving an access data packet of a user, the ICP websiteobtaining an identification code of the user in the data packet, andtransmitting the identification code of the user to an Internet ServiceProvider (ISP) authentication center;

the ISP authentication center authenticating the user based on theidentification code of the user, and if the authentication is passed,the ISP authentication center returning an authentication passedmessage, which contains the identification code of the user, to the ICPwebsite;

after receiving the authentication passed message, the ICP websiteobtaining personal information of the user according to theidentification code of the user, and then the user logging in the ICPwebsite.

Preferably, the above method is also characterized in that:

the personal information of the user comprises universal personalinformation and service-related personal information; wherein,

the service-related personal information is information generated whenthe user uses the ICP website;

the universal personal information is information of the user stored inthe ISP authentication center unrelated with services.

Preferably, the above method is also characterized in that:

the universal personal information comprises one or more of name,gender, date of birth, degree, telephone number, Email address andfamily address information.

Preferably, the above method is also characterized in that:

the service-related personal information comprises one or more of pointsobtained by the user, virtual money, temporally stored products, orderrecording, search recording and user level information.

Preferably, the above method is also characterized in that:

the step of the ISP authentication center authenticating the user basedon the identification code of the user specifically comprises thefollowing steps:

after receiving an authentication request sent by an ICP website, theISP authentication center searching a database in the ISP authenticationcenter using the identification code of the user carried in theauthentication request as a keyword, and if user informationcorresponding to the identification code of the user is obtained, theauthentication being passed.

Preferably, the above method is also characterized in that:

the authentication passed message sent by from the ISP authenticationcenter to the ICP website further comprises the universal personalinformation of the user;

the step of the ICP website obtaining personal information of the useraccording to the identification code of the user specifically comprises:

after receiving the authentication passed message, the ICP websitequerying the service-related personal information of the user in thedatabase of the ICP website according to the identification code of theuser, and combining the universal personal information and theservice-related personal information of the user into the personalinformation of the user.

Preferably, the above method is also characterized in that:

the step of the ICP website obtaining personal information of the useraccording to the identification code of the user specifically comprises:

the ICP website sending a query request message to the ISPauthentication center to query the universal personal information of theuser;

the ICP website querying the service-related personal information of theuser in the database of the ICP website according to the identificationcode of the user;

after receiving the universal personal information of the user sent bythe ISP authentication center, the ICP website combining the universalpersonal information and the service-related personal information of theuser into the personal information of the user.

Preferably, the above method is also characterized in that:

if the ICP website cannot find the service-related personal informationof the user in the local database, the ICP website locally generatesservice-related personal information of the user.

In order to solve the problem, the present invention provides a systemfor a user to log in an Internet Content Provider (ICP) website in anidentification/location separation network, comprising a user, the ICPwebsite and an Internet Service Provider (ISP) authentication center,wherein,

the user is configured to send to the ICP website a visit data packetcarrying an identification code of the user;

the ICP website is configured to obtain the identification code of theuser in the visit data packet, and send the identification code of theuser to the ISP authentication center; and after receiving anauthentication passed message sent by the ISP authentication center,obtain personal information of the user, and complete login of the user;

the ISP authentication center is configured to receive theidentification code of the user sent by the ICP website, andauthenticate the user through the identification code of the user; andreturn the authentication passed message to the ICP website after theauthentication is passed.

Preferably, the above system is also characterized in that:

the personal information of the user comprises universal personalinformation and service-related personal information; wherein,

the universal personal information is information of the user stored inthe ISP authentication center unrelated with services, and comprises oneor more of name, gender, date of birth, degree, telephone number, Emailaddress and family address information;

the service-related personal information is information generated whenthe user uses the ICP website, and comprises one or more of pointsobtained by the user, virtual money, temporally stored products, orderrecording, search recording and user level information.

In order to solve the above problem, the present invention furtherprovides a login device, applied in an Internet Content Provider (ICP)website, the login device comprising an identification code obtainingunit and a user information obtaining unit, wherein:

the identification code obtaining unit is configured to, obtain anidentification code of a user in a visit data packet, and send theidentification code of the user to an Internet Service Provider (ISP)authentication center;

the user information obtaining unit is configured to, after receiving anauthentication passed message of the user sent by the ISP authenticationcenter, obtain personal information of the user, and complete login ofthe user.

Preferably, the above device is also characterized in that:

the personal information of the user comprises universal personalinformation and service-related personal information;

the user information obtaining unit is configured to obtain theuniversal personal information of the user from the authenticationpassed message of the user sent by the ISP authentication center; and,after receiving the authentication passed message, query theservice-related personal information of the user in a database of theICP website according to the identification code of the user, andcombine the universal personal information and the service-relatedpersonal information of the user into the personal information of theuser.

Preferably, the above device is also characterized in that:

the user information obtaining unit is configured to, after receivingthe authentication passed message, send a query request message to theISP authentication center to query the universal personal information ofthe user, and query the service-related personal information of the userin the database of the ICP website according to the identification codeof the user, combine the universal personal information and theservice-related personal information of the user into the personalinformation of the user.

Preferably, the above device is also characterized in that:

the user information obtaining unit is configured to, if theservice-related personal information of the user cannot be found in theICP website, locally generate service-related personal information ofthe user.

By the above method, system and device, when accessing the Internet, auser can access all kinds of ICP websites using the identification codedistributed by the ISP authentication center after passing only oneauthentication in the ISP authentication center without the necessity ofanother authentication, which facilitates not only the user but also theICP website.

BRIEF DESCRIPTION OF DRAWINGS

FIG. 1 is a schematic diagram of a user logging in an ICP website usinghis identification code according to an example of the presentinvention.

FIG. 2 is a flowchart of a user logging in an ICP website according toan example of the present invention.

FIG. 3 is a schematic diagram of the login device according to anexample of the present invention.

PREFERRED EMBODIMENTS OF THE INVENTION

The specific embodiments of the present invention will be describedbelow with reference to the drawings.

FIG. 1 illustrates a user logging in an ICP website using hisidentification code according to one example. In this example, the datapacket of a user 101 for visiting an ICP website (through an accessrouter 102) comprises the identification code of the user, and the ICPwebsite 103 sends the identification code to an ISP authenticationcenter 104 for authenticating the user, and if the authenticationimplemented by the ISP authentication center 104 on the user accordingto the identification code is passed, the ISP authentication center 104returns the universal personal information of the user to the ICPwebsite 103, and then the ICP website 103 searches for theservice-related personal information of the user in a local database,after which, the user 101 completes logging in the ICP website.

Wherein, the action of the user 101 logging in the ICP website 103 herecomprises the ICP website 103 identifying the identification of the userand obtaining the personal information of the user.

Wherein, the personal information of the user comprises the universalpersonal information and service-related personal information of theuser.

The universal personal information of the user is unrelated withspecific services and is stored in the ISP authentication center 104,comprising one or more of name, gender, date of birth, degree, telephonenumber, Email address and family address information, and the ICPwebsite 103 can query the universal personal information of the userfrom the ISP authentication center 104 by signing an agreement (acooperation agreement between the ISP authentication center 104 and theICP website 103) with the ISP authentication center 104 in advance.

The service-related personal information of the user is the informationgenerated when the user 101 uses this ICP website 103, comprising one ormore of points and virtual money obtained by the user, temporalitystored products, order recording, search recording and user levelinformation, and this kind of information is generally stored by the ICPwebsite 103 itself.

FIG. 2 illustrates a user logging in an ICP website according to theabove method, which specifically comprises the following steps.

Step 210, a user sends to an ICP website a visit data packet carrying anidentification code of the user in an identification location separationnetwork.

Step 220, after receiving the visit data packet of the user, the ICPwebsite extracting the identification code of the user from the visitdata packet.

Step 230, the ICP website initiating an authentication request to an ISPauthentication center, wherein the authentication request contains theidentification code of the user.

Step 240, after receiving the authentication request sent by the ICPwebsite, the ISP authentication center authenticating the user by usingthe identification code of the user therein.

Wherein, the user can be authenticated in the following way.

When authenticating the user, the ISP authentication center searches adatabase in the ISP authentication center using the identification codeof the user as a keyword;

if user information corresponding to the identification code of the useris found, authentication is passed, and execute step 250;

otherwise, the authentication is not passed, the ISP authenticationcenter returns an authentication un-passed message to the ICP website,and end.

Step 250, after the authentication is passed, the ISP authenticationcenter sends an authentication passed message containing theidentification code of the user to the ICP website.

In this step, the authentication passed message sent from the ISPauthentication center to the ICP website may further comprise theuniversal personal information of the user.

Step 260, after receiving the authentication passed message, the ICPwebsite queries the service-related personal information of the user inthe local database according to the identification code of the user inthe authentication passed message, and combining the universal personalinformation and the service-related personal information of the userinto complete personal information of the user.

In this step, if the authentication passed message received by the ICPwebsite does not comprise the universal personal information of theuser, the ICP website sends a query request message to the ISPauthentication center to query the universal personal information of theuser; after receiving the universal personal information of the usersent by the ISP authentication center, the ICP website combines theuniversal personal information and the service-related personalinformation of the user into complete personal information of the user;

if the ICP website cannot find the service-related personal informationof the user in the local database after receiving the authenticationpassed message, it means that the user visits this website for the firsttime, and the ICP website locally generates service-related personalinformation of the user.

Step 270, the process of the user logging in the ICP website iscompleted.

Correspondingly, the present invention further provides a system for auser to log in an Internet Content Provider (ICP) website in anidentification location separation network, comprising a user, the ICPwebsite and an ISP authentication center, wherein,

the user is configured to send to the ICP website a visit data packetcarrying an identification code of the user;

the ICP website is configured to obtain the identification code of theuser in the visit data packet, and send the identification code of theuser to the ISP authentication center; and after receiving anauthentication passed message sent by the ISP authentication center,obtain personal information of the user, and complete login of the user;

the ISP authentication center is configured to receive theidentification code of the user sent by the ICP website, andauthenticate the user through the identification code of the user; andreturn the authentication passed message to the ICP website after theauthentication is passed.

Wherein, the personal information of the user comprises universalpersonal information and service-related personal information;

the universal personal information comprises one or more of name,gender, date of birth, degree, telephone number, Email address andfamily address information;

the service-related personal information is information generated whenthe user uses the ICP website, and comprises one or more of pointsobtained by the user, virtual money, temporality stored products, orderrecording, search recording and user level information.

Preferably, the ISP authentication center is configured to, afterreceiving an authentication request sent by an ICP website, search adatabase in the ISP authentication center using the identification codeof the user carried in the authentication request as a keyword, and ifuser information corresponding to the identification code of the user isobtained, pass the authentication.

Preferably, the ICP website is configured to obtain the universalpersonal information of the user from the authentication passed messageof the user sent by the ISP authentication center; and, after receivingthe authentication passed message, query the service-related personalinformation of the user in the local database according to theidentification code of the user, and combine the universal personalinformation and the service-related personal information of the userinto the personal information of the user.

Preferably, the ICP website is configured to, after receiving theauthentication passed message, send a query request message to the ISPauthentication center to query the universal personal information of theuser, and query the service-related personal information of the user inthe database of the ICP website according to the identification code ofthe user, combine the universal personal information and theservice-related personal information of the user into the personalinformation of the user.

Preferably, the ICP website is configured to locally generateservice-related personal information of the user, if the service-relatedpersonal information of the user cannot be found in the ICP website.

As shown in FIG. 3, the login device according to the example of thepresent invention, applied in an Internet Content Provider (ICP)website, comprises an identification code obtaining unit 301 and a userinformation obtaining unit 302, wherein:

the identification code obtaining unit 301 is configured to, obtain anidentification code of a user in a visit data packet, and send theidentification code of the user to an Internet Service Provider (ISP)authentication center;

the user information obtaining unit 302 is configured to, afterreceiving an authentication passed message of the user sent by the ISPauthentication center, obtain personal information of the user, andcomplete login of the user.

Preferably, the user information obtaining unit 302 is configured toobtain the universal personal information of the user from theauthentication passed message of the user sent by the ISP authenticationcenter; and, after receiving the authentication passed message, querythe service-related personal information of the user in a database ofthe ICP website according to the identification code of the userobtained from the identification code obtaining unit 301, and combinethe universal personal information and the service-related personalinformation of the user into personal information of the user.

Preferably, the user information obtaining unit 302 is configured to,after receiving the authentication passed message, send a query requestmessage to the ISP authentication center to query the universal personalinformation of the user, query the service-related personal informationof the user in the database of the ICP website according to theidentification code of the user obtained from the identification codeobtaining unit 301, and combine the universal personal information andthe service-related personal information of the user into the personalinformation of the user.

Preferably, the user information obtaining unit 302 is configured to, ifthe service-related personal information of the user cannot be found inthe database of the ICP website, locally generate service-relatedpersonal information of the user.

A person having ordinary skill in the art can appreciate that all orpart of the steps in the above step can be implemented by instructingrelated hardware through a program, which may be stored in a computerreadable storage medium, such as read-only memory, disk or an opticaldisk, and so on. Optionally, all or part of the steps in the aboveexamples can be also implemented using one or more integrated circuits.Correspondingly, each module/unit in the above examples can beimplemented in the form of hardware, or in the form of softwarefunctional module. The present invention is not limited to any specificform of combination of hardware and software.

Although the present invention is described with reference to particularexamples, a person having ordinary skill in the art can makemodifications and transformations without departing from the spirit orscope of the present invention. Such modifications and transformations,however, shall be regarded as within the scope of the description andthe scope of the attached claims.

INDUSTRIAL APPLICABILITY

The method and system for a user to log in an ICP website in anidentification location separation network and a login device thereofprovided in the present invention enables a user, when accessing theInternet, to access all kinds of ICP websites using the identificationcode distributed by the ISP authentication center after passing only oneauthentication in the ISP authentication center without the necessity ofanother authentication, which facilitates not only the user but also theICP website.

1. A method for a user to log in an Internet Content Provider (ICP)website in an identification location separation network, comprising:after receiving an access data packet of a user, the ICP websiteobtaining an identification code of the user in the data packet, andtransmitting the identification code of the user to an Internet ServiceProvider (ISP) authentication center; the ISP authentication centerauthenticating the user based on the identification code of the user,and if the authentication is passed, the ISP authentication centerreturning an authentication passed message, which contains theidentification code of the user, to the ICP website; and after receivingthe authentication passed message, the ICP website obtaining personalinformation of the user according to the identification code of theuser, and then the user logging in the ICP website.
 2. The methodaccording to claim 1, wherein, the personal information of the usercomprises universal personal information and service-related personalinformation; wherein, the service-related personal information isinformation generated when the user uses the ICP website; the universalpersonal information is information of the user stored in the ISPauthentication center unrelated with services.
 3. The method accordingto claim 2, wherein, the universal personal information comprises one ormore of name, gender, date of birth, degree, telephone number, Emailaddress and family address information.
 4. The method according to claim2, wherein, the service-related personal information comprises one ormore of points obtained by the user, virtual money, temporally storedproducts, order recording, search recording and user level information.5. The method according to claim 1, wherein, the step of the ISPauthentication center authenticating the user based on theidentification code of the user specifically comprises: after receivingan authentication request sent by an ICP website, the ISP authenticationcenter searching a database in the ISP authentication center using theidentification code of the user carried in the authentication request asa keyword, and if user information corresponding to the identificationcode of the user is obtained, the authentication being passed.
 6. Themethod according to claim 2, wherein, the authentication passed messagesent by from the ISP authentication center to the ICP website furthercomprises the universal personal information of the user; the step ofthe ICP website obtaining personal information of the user according tothe identification code of the user specifically comprises: afterreceiving the authentication passed message, the ICP website queryingthe service-related personal information of the user in the database ofthe ICP website according to the identification code of the user, andcombining the universal personal information and the service-relatedpersonal information of the user into the personal information of theuser.
 7. The method according to claim 2, wherein, the step of the ICPwebsite obtaining personal information of the user according to theidentification code of the user specifically comprises: the ICP websitesending a query request message to the ISP authentication center toquery the universal personal information of the user; the ICP websitequerying the service-related personal information of the user in thedatabase of the ICP website according to the identification code of theuser; and after receiving the universal personal information of the usersent by the ISP authentication center, the ICP website combining theuniversal personal information and the service-related personalinformation of the user into the personal information of the user. 8.The method according to claim 6, wherein, in the step of the ICP websitequerying the service-related personal information of the user in thedatabase of the ICP website according to the identification code of theuser, if the ICP website cannot find the service-related personalinformation of the user in the local database, the ICP website locallygenerates the service-related personal information of the user.
 9. Asystem for a user to log in an Internet Content Provider (ICP) websitein an identification location separation network, comprising a user, theICP website and an Internet Service Provider (ISP) authenticationcenter, wherein, the user is configured to send to the ICP website avisit data packet carrying an identification code of the user; the ICPwebsite is configured to obtain the identification code of the user inthe visit data packet, and send the identification code of the user tothe ISP authentication center; and after receiving an authenticationpassed message sent by the ISP authentication center, obtain personalinformation of the user, and complete login of the user; the ISPauthentication center is configured to receive the identification codeof the user sent by the ICP website, and authenticate the user throughthe identification code of the user; and return the authenticationpassed message to the ICP website after the authentication is passed.10. The system according to claim 9, wherein, the personal informationof the user comprises universal personal information and service-relatedpersonal information; wherein, the universal personal information isinformation of the user stored in the ISP authentication centerunrelated with services, and comprises one or more of name, gender, dateof birth, degree, telephone number, Email address and family addressinformation; the service-related personal information is informationgenerated when the user uses the ICP website, and comprises one or moreof points obtained by the user, virtual money, temporally storedproducts, order recording, search recording and user level information.11. A login device, applied in an Internet Content Provider (ICP)website, the login device comprising an identification code obtainingunit and a user information obtaining unit, wherein: the identificationcode obtaining unit is configured to, obtain an identification code of auser in a visit data packet, and send the identification code of theuser to an Internet Service Provider (ISP) authentication center; theuser information obtaining unit is configured to, after receiving anauthentication passed message of the user sent by the ISP authenticationcenter, obtain personal information of the user, and complete login ofthe user.
 12. The device according to claim 11, wherein, the personalinformation of the user comprises universal personal information andservice-related personal information; the user information obtainingunit is configured to obtain the universal personal information of theuser from the authentication passed message of the user sent by the ISPauthentication center; and, after receiving the authentication passedmessage, query the service-related personal information of the user in adatabase of the ICP website according to the identification code of theuser, and combine the universal personal information and theservice-related personal information of the user into the personalinformation of the user.
 13. The system according to claim 11, wherein,the personal information of the user comprises universal personalinformation and service-related personal information; the userinformation obtaining unit is configured to, after receiving theauthentication passed message, send a query request message to the ISPauthentication center to query the universal personal information of theuser, and query the service-related personal information of the user inthe database of the ICP website according to the identification code ofthe user, combine the universal personal information and theservice-related personal information of the user into the personalinformation of the user.
 14. The system according to claim 12 or 13,wherein, the user information obtaining unit is configured to, if theservice-related personal information of the user cannot be found in theICP website, locally generate service-related personal information ofthe user.
 15. The method according to claim 2, wherein, the step of theISP authentication center authenticating the user based on theidentification code of the user specifically comprises: after receivingan authentication request sent by an ICP website, the ISP authenticationcenter searching a database in the ISP authentication center using theidentification code of the user carried in the authentication request asa keyword, and if user information corresponding to the identificationcode of the user is obtained, the authentication being passed.
 16. Themethod according to claim 3, wherein, the step of the ISP authenticationcenter authenticating the user based on the identification code of theuser specifically comprises: after receiving an authentication requestsent by an ICP website, the ISP authentication center searching adatabase in the ISP authentication center using the identification codeof the user carried in the authentication request as a keyword, and ifuser information corresponding to the identification code of the user isobtained, the authentication being passed.
 17. The method according toclaim 4, wherein, the step of the ISP authentication centerauthenticating the user based on the identification code of the userspecifically comprises: after receiving an authentication request sentby an ICP website, the ISP authentication center searching a database inthe ISP authentication center using the identification code of the usercarried in the authentication request as a keyword, and if userinformation corresponding to the identification code of the user isobtained, the authentication being passed.
 18. The method according toclaim 7, wherein, in the step of the ICP website querying theservice-related personal information of the user in the database of theICP website according to the identification code of the user, if the ICPwebsite cannot find the service-related personal information of the userin the local database, the ICP website locally generates theservice-related personal information of the user.
 19. The systemaccording to claim 13, wherein, the user information obtaining unit isconfigured to, if the service-related personal information of the usercannot be found in the ICP website, locally generate service-relatedpersonal information of the user.